Abstract: Identification structure (1) with a portrait image (3) of a holder, the identification structure having a substrate (8,50), a laser sensitive layer (11,55) and a lens array (12,56) overlying the laser sensitive layer (11,55), the substrate including a printed pattern (9,54), the laser sensitive layer including a laser engraved image pattern (15,15?; 16,16?). The laser engraved image pattern forms a three dimensional portrait image (A,B) of the holder and the printed pattern forms a two-dimensional color pattern (C) of the portrait image of the holder, wherein the two-dimensional color pattern (C) and the three-dimensional portrait image (A,B) are adapted to be observed in a superimposed manner.

Abstract: Disclosed is a security document including an image layer with in a first image area an identification image. The document has in a second image area an authentication image that is composed of a first authentication image that is a positive version of the first image and a second authentication image that is a negative version of the first image. The authentication images can be observed at different angles and form a tilt image. Mutual comparison of the positive and negative tilt images and comparison with the identification image provides improved detection of unauthorized alterations.

Abstract: Identification structure (1) with a portrait image (3) of a holder, the identification structure having a substrate (8, 50), a laser sensitive layer (11, 55) and a lens array (12, 56) overlying the laser sensitive layer (11, 55), the substrate including a printed pattern (9, 54), the laser sensitive layer including a laser engraved image pattern (15, 15?; 16, 16?). The laser engraved image pattern forms a three dimensional portrait image (A, B) of the holder and the printed pattern forms a two-dimensional color pattern (C) of the portrait image of the holder, wherein the two-dimensional color pattern (C) and the three-dimensional portrait image (A, B) are adapted to be observed in a superimposed manner.

Abstract: Disclosed is a security document including an image layer with in a first image area an identification image. The document has in a second image area an authentication image that is composed of a first authentication image that is a positive version of the first image and a second authentication image that is a negative version of the first image. The authentication images can be observed at different angles and form a tilt image. Mutual comparison of the positive and negative tilt images and comparison with the identification image provides improved detection of unauthorized alterations.

Abstract: The invention relates to a method for securing a document including a visual element, carried out by a processing unit comprising processing means, the method comprising generation, from the visual element, of a reference security datum, and storage of the reference security datum, wherein the reference security datum is generated by means of an algorithm configured so as to generate: for any image acquired from the visual element, a security datum whereof the differences relative to the reference security datum are less than a determined threshold, and for any image acquired on a different visual element, a security datum whereof the differences relative to the reference security datum are greater than said threshold.

Abstract: The invention relates to a method for securing a document including a visual element, carried out by a processing unit comprising processing means, the method comprising generation, from the visual element, of a reference security datum, and storage of the reference security datum, wherein the reference security datum is generated by means of an algorithm configured so as to generate: for any image acquired from the visual element, a security datum whereof the differences relative to the reference security datum are less than a determined threshold, and for any image acquired on a different visual element, a security datum whereof the differences relative to the reference security datum are greater than said threshold.

Abstract: A server is configured to communicate with a group of clients over a network in one embodiment. The server maps the group of clients into a plurality of subgroups of bounded size, communicates to a given one of the clients information identifying the particular subgroup to which that client belongs as well as the other clients in that subgroup. The given client utilizes the communicated information to generate a ring signature over the corresponding subgroup of clients based on the communicated information. The subgroup size may be bounded to a minimum size and a maximum size in accordance with a variable privacy parameter. The server can increase or decrease the value of the parameter in order to provide respective increased or decreased privacy to the clients, by making it respectively more or less difficult to determine which client in a corresponding one of the subgroups produced the received ring signature.

Abstract: A first cryptographic device is authenticated by a second cryptographic device. The second cryptographic device stores an alternative version of a secret value associated with the first cryptographic device as a countermeasure to compromise of the secret value. In conjunction with a protocol carried out between the first cryptographic device and the second cryptographic device, the second cryptographic device determines the secret value based at least in part on the alternative version of the secret value, and utilizes the determined secret value to authenticate the first cryptographic device. The alternative version of the secret value may comprise a randomly-skewed version of the secret value. For example, the secret value may comprise a key or other parameter of the first cryptographic device and the alternative version of the secret value may comprise a randomly-skewed version of the key or other parameter.

Abstract: Methods and apparatus are provided for silent alarm channels using one-time passcode authentication tokens. A message is transmitted indicating a potential attack on a protected resource by obtaining the message; combining the message with a tokencode generated by a security token to generate a one-time passcode; and transmitting the one-time passcode to a receiver. A plurality of the messages can be obtained in parallel, and the plurality of parallel messages can be combined with the tokencode to generate the one-time passcode. A subsequent message can optionally be generated by applying a hash function to a prior n-bit value to provide a counter identifying each message. The message optionally also comprises one or more additional bits to provide an annotation of the message.

Abstract: A processing device is configured to identify a plurality of defensive security actions to be taken to address a persistent security threat to a system comprising information technology infrastructure, and to determine a schedule for performance of the defensive security actions based at least in part on a selected distribution derived from a game-theoretic model, such as a delayed exponential distribution or other type of modified exponential distribution. The system subject to the persistent security threat is configured to perform the defensive security actions in accordance with the schedule in order to deter the persistent security threat. The distribution may be selected so as to optimize defender benefit in the context of the game-theoretic model, where the game-theoretic model may comprise a stealthy takeover game in which attacker and defender entities can take actions at any time but cannot determine current game state without taking an action.

Abstract: A client device or other processing device comprises a file processing module, with the file processing module being operative to provide a file to a file system for encoding, to receive from the file system a proof of correct encoding of the file, and to verify the proof of correct encoding. The file system may comprise one or more servers associated with a cloud storage provider. Advantageously, one or more illustrative embodiments allow a client device to verify that its files are stored by a cloud storage provider in encrypted form or with other appropriate protections.

Abstract: Methods and apparatus are provided for authenticating a user using multi-server one-time passcode verification. A user is authenticated by receiving authentication information from the user; and authenticating the user based on the received authentication information using at least two authentication servers, wherein the received authentication information is based on a secret shared between a security token associated with the user and an authentication authority that provides the at least two authentication servers. For example, the authentication information can comprise a passcode comprised of a tokencode from the security token and a password from the user. The user can be authenticated only if, for example, all of the at least two authentication servers authenticate the received authentication information.

Abstract: A server is configured to communicate with a group of clients over a network. Each of the clients obtains a corresponding informational message comprising security-related information such as an indication of compromise (IOC), inserts noise in the information message to generate an anonymized message, and communicates the anonymized message to the server. The anonymized messages communicated by the respective clients to the server may be configured so as to prevent the server from identifying any individual client associated with a particular one of the anonymized messages, while also allowing the server to extract from the anonymized messages collectively one or more characteristics of the underlying informational messages. A given client may insert noise in an informational message by, for example, selecting a noise value from a specified range of noise values, and combining the informational message and the selected noise value to generate the anonymized message.

Abstract: Methods and apparatus are provided for embedding auxiliary information in one-time passcode authentication tokens. Auxiliary information is embedded in authentication information transmitted to a receiver by obtaining the auxiliary information; and mapping the auxiliary information to a codeword using a secret key, wherein the secret key is shared between the security token and an authentication authority; and combining the codeword with a tokencode generated by a security token to generate a one-time passcode. The one-time passcode can then be transmitted to the receiver.

Abstract: A client device or other processing device comprises a file processing module, with the file processing module being operative to provide a file to a file system for encoding, to receive from the file system a corresponding encoded file, and to verify that the file system stores at least a designated portion of an encapsulation of the encoded file. In an illustrative embodiment, the file processing module receives, in addition to or in place of the encoded file, a proof of correct encoding. The file system may comprise one or more servers associated with a cloud storage provider. Advantageously, one or more illustrative embodiments allow a client device to verify that its files are stored by a cloud storage provider in encrypted form or with other appropriate protections.

Abstract: A client device or other processing device comprises a file processing module, with the file processing module being operative to request proof from a file system that a file having a first format is stored by the file system in a second format different than the first format, to receive the proof from the file system, and to verify that the file is stored in the second format using the proof provided by the file system responsive to the request. The proof is based at least in part on application of a function to the file in the second format, and the function imposes a minimum resource requirement on generation of the proof. The file system may comprise one or more servers associated with a cloud storage provider. Advantageously, one or more illustrative embodiments allow a client device to verify that its files are stored by a cloud storage provider in encrypted form or with other appropriate protections.

Abstract: The present invention relates to a method and a system of securely computing a measure of similarity for at least two sets of data. A basic idea of the present invention is to securely compare two sets of encrypted data to determine whether the two sets of data resemble each other to a sufficient extent. If the measure of similarity complies with predetermined criteria, the two sets of data from which the encrypted sets of data originate are considered to be identical.

Abstract: A physical random function (PUF) is a function that is easy to evaluate but hard to characterize. Controlled physical random functions (CPUFs) are PUFs that can only be accessed via a security program controlled by a security algorithm that is physically bound to the PUF in an inseparable way. CPUFs enable certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor. The invention provides an additional layer for generating a proof of execution which any third party can verify. This proof of execution is also useful to provide secure memory and secure interruptible program execution.

Abstract: The invention relates to a method of establishing a shared secret between two or more parties, based on a physical token, wherein helper data from both the enrolment and the authentication measurement is used in such a way that only response data reliable at both measurements is used to generate the shared secret. The generated shared secret is therefore identical to both parties to a high degree of certainty. The invention further relates to a system for generating such a shared secret, comprising a central database server and a terminal, or any one of them.

Abstract: The present invention relates to a method and a system of securely computing a measure of similarity for at least two sets of data. A basic idea of the present invention is to securely compare two sets of encrypted data to determine whether the two sets of data resemble each other to a sufficient extent. If the measure of similarity complies with predetermined criteria, the two sets of data from which the encrypted sets of data originate are considered to be identical.